Data Subject Access Requests (DSAR) — How to Exercise Your Rights

Step 1: Identify the right Controller

• Website data (forms, marketing, cookies): NightShield is the Controller. Submit your request to privacy@nightshield.ai (subject: "DSAR").
• Product/venue footage & incident clips: NightShield acts as a Processor on behalf of the venue (your employer or the venue you visited). Contact the venue directly; we will support them under our DPA (/dpa).

Step 2: What to include

• Your full name and contact email.
• What you're requesting (access/erasure/etc.).
• Context: website enquiry; or venue name, date/time, area of the venue (if product-related).
• Proof of identity (we may request reasonable verification if needed).

Step 3: Our response time

We aim to respond within one month of verifying identity. Complex cases may take an additional two months; we'll tell you if so.

Step 4: What you'll receive

• Website data: a summary of the personal data we hold from your website interactions (forms, marketing preferences, and relevant logs), plus actions taken (e.g., correction or deletion).
• Product/venue data: we will inform you who the Controller is and pass your request to the venue; we'll assist them under our DPA timelines.

Fees

DSARs are free. We may charge a reasonable fee or refuse requests that are manifestly unfounded or excessive.

Complaints

If unresolved, you can complain to the UK ICO (ico.org.uk).